Posted
by
Zonk
on Friday September 08, 2006 @09:28AM
from the doing-things-the-right-way-first dept.

bart_scriv writes "Facebook is responding to the recent uproar among its users by deploying better privacy protections and control, as well as being more open about future changes. This could be a case study for other social networking sites on how to avoid or deal with similar problems in the future." From the article: "A week before launch, when asked if he was concerned about a privacy backlash, he appeared surprised, saying, 'No, these people share stuff already and they get something out of sharing.' They've shared all right. And Facebook is listening. On Sept. 7, the site is ratcheting up privacy protections--the result of around-the-clock coding. On their privacy settings page, people will be given greater control over what items will or won't be included in news feeds." Relatedly, an anonymous reader writes "A recent Reuters article mentions that Facebook user Igor Hiller, 17, a freshman at University of California, Santa Barbara is organizing a real-world demonstration next Monday at Facebook's downtown Palo Alto headquarters." Read below for Zuckerman's Open Letter to the community.

theStorminMormon writes ""We really messed this one up." begins an open letter from Mark Zuckerberg to the Facebook community. The letter goes on to say: "When we launched News Feed and Mini-Feed we were trying to provide you with a stream of information about your social world. Instead, we did a bad job of explaining what the new features were and an even worse job of giving you control of them. I'd like to try to correct those errors now.

When I made Facebook two years ago my goal was to help people understand what was going on in their world a little better. I wanted to create an environment where people could share whatever information they wanted, but also have control over whom they shared that information with. I think a lot of the success we've seen is because of these basic principles.

We made the site so that all of our members are a part of smaller networks like schools, companies or regions, so you can only see the profiles of people who are in your networks and your friends. We did this to make sure you could share information with the people you care about. This is the same reason we have built extensive privacy settings — to give you even more control over who you share your information with.

Somehow we missed this point with Feed and we didn't build in the proper privacy controls right away. This was a big mistake on our part, and I'm sorry for it. But apologizing isn't enough. I wanted to make sure we did something about it, and quickly. So we have been coding nonstop for two days to get you better privacy controls. This new privacy page will allow you to choose which types of stories go into your Mini-Feed and your friends' News Feeds, and it also lists the type of actions Facebook will never let any other person know about. If you have more comments, please send them over.

This may sound silly, but I want to thank all of you who have written in and created groups and protested. Even though I wish I hadn't made so many of you angry, I am glad we got to hear you. And I am also glad that News Feed highlighted all these groups so people could find them and share their opinions with each other as well.

About a week ago I created a group called Free Flow of Information on the Internet, because that's what I believe in — helping people share information with the people they want to share it with. I'd encourage you to check it out to learn more about what guides those of us who make Facebook. Tomorrow at 4pm est, I will be in that group with a bunch of people from Facebook, and we would love to discuss all of this with you. It would be great to see you there.

if you don't want this information to be out there, don't put it on facebook. How did the news feed work any differently than the real-world gossip chain? I'm amazed that people are suprised that if I say I like johnny on facebook, other people can find out about it? Eh, maybe this will convince people that they shouldn't put their whole lives on internet.

A Demonstration!? Before you start screaming and harrassing a company, maybe, just maybe, you should give them some time to respond. In this case, the company has responded in record time and it still wasn't enough to stop this radical from freaking out. Nothing shouts 'unstable' like organizing protests at the drop of a hat.

Eh, maybe this will convince people that they shouldn't put their whole lives on internet.

You're just jealous your whole life isn't on the internet like George Washington's [youtube.com]!

But seriously, people feel important when they leave something online that might last forever. Legacy and stuff. Plus, we're a gregarious species so we love interaction with our peers. I don't think some people realize the trade-offs that come with publicizing your info.

"Held accountable?" For what damages, exactly? For god's sake, we're not talking about a bank's website. All we're talking about is a way for people to slightly more easily discover information that was already public. You should be happy they responded as quickly as they did.

And another thing: why the hell does it take two days for college students to organize a protest about Facebook making already-public information easier to access (OMGNO!!!), when they don't seem to do shit about secret prisons, torture, and other problems of large-scale government?

It's pretty sad that this sort of thing needs to be said, but it still needs to be said to a generation growing up in a world of Livejournals and Myspaces and Facebooks.

It's a damn good thing the Web wasn't born yet when I was in school. If half the things I said and did in my youth were posted to the web, I'd probably never crawl out from under my rock. Hell, I'm still paranoid someone wil dig up the message bases from the old BBSes I used to frequent and say really stupid things on.:-P

Its not the fact that they can see it, it is the fact that it is *broadcast* that makes it bad. I don't care that people I know find out that I break up with a girl, but I don't want it to be sent RSS style to everyone I know. They will find out in time, but preferably not all the next time they log to facebook. The old way, sure you were posting it on the internet, but there was a certain anonymnity to be found in the data overload of facebook. Now that changes are highlighted, its too easy.

Also, others are allowed to submit content to your page (like to my wall). If they do, I may want time to respond to it before all of my friends read it. Sure, the old way one or two might see it, but that risk is low.

This funtionality, if cut back, would be very useful. A notification of when friends put up new pictures would be great. Some things should be exempt from the feed, or at least have the option to have them never broadcast, so that they can fly 'under the radar'.

Why is this insightful? It's not. Do we really have to go around this circle again? How information is accessible is sometimes just important as what information is accessible.

No one previously thought that information they posted on Facebook anywhere was private (at least, from their friends). But now it is being aggregated and broadcast to every friend. If you think this is the same thing, then I suppose you also think that Google making the full-text of every book available on line is the same thing, whether they do it (as they are doing it) by allowing you to see only a snippet at time or whether they allow you to download the whole thing as a text file. The information available in either scenario is exactly the same, but based purely on how easy it is to get at that publicly available info one is fair use and the other is not.

It's just a simple fact, even IF information is public accessible, it still matters how accessible. Stop acting as though privacy is a binary proposition: either top-secret or totally-public with no differences in between. Facebook users are not posting info on the Net and getting annoyed that people aggregate it (which would be annoying but fair) they have joined a private networking group and then the rule's of that networking group got changed and it made a lot of them mad. Nothing private was revealed, but information that would have taken hours to aggregate every single day was suddenly available with 0 effort. That is a change, and not everyone has to be happy about it.

I say "them" because I didn't mind the changes. Now that the new privacy features have been changed, there's pretty much nothing left to talk about. The only complaint Facebook users have left is that the Feed disrupts the layout and (apparently) there's no way to turn it off by default so that you never even see it.

But considering how incredibly fast Mark and Facebook were to implement the needed privacy controls, I'm sure that this too will be available soon in the future. If only every company was as agile and quick to respond to its customers demands...

Is that it puts all your friends on the same level. I don't care about what happened to most of the people that are my 'friends'. If I wanted to know about them specifically, I can look at their page. What would be better would be to have a list of 'close friends' or something like that that you can add to a feed and only get reports from those few people.
Also, a 'opt-out' check box in the privacy settings would be nice. Or, as another comment said, it should be an 'opt-in' feature in the first place from a security setting.

this is hardly insightful. facebook is a closed community and as such there are certain requirements to joining it, such as already being part of a given community. There is also an expected certain level of privacy, as is explained in the letter written by Mark Zuckerberg.

If a site advertises a certain level of privacy and fails to provide it, that's bad, but it's something the guys at facebook are trying to fix. However you cannot simply say "boohoo you put your info on the net, suck it down". These people put their information on the web expecting its privacy. that isn't unreasonable.

Instead, they waited three days to plug this massive breach of privacy.

OK, I get really annoyed at the stupid people who can't tell the difference between making information available and delivering it to you all collated and sorted. Clearly how you present the information matters. But to call the Feeds a "massive breach of privacy" is really silly. Every single thing the Feeds announced was information already available to everyone that got the Feed. How is this a "massive" breach?

Massive breaches are when companies lose millions of social security numbers or credit card numbers. You seriously are crazy if you think just broadcasting to a group of friends whom you have already selected to see the information is really that horrible of a deal.

So for 3 days people had an easier time tracking your wall posts. Was it really so traumatic for you?

It's pretty sad that this sort of thing needs to be said, but it still needs to be said to a generation growing up in a world of Livejournals and Myspaces and Facebooks.

In the "good old days," all the people on your street used to know what you were up to. If you did something, the grapevine usually got that information to your folks before you got home. Of course it wasn't a perfect system and if you worked at it, you could hide your deeds from prying eyes (that's what tree forts were for).

Now, people are actually writing down the things they're doing and placing that information where anyone on the planet can see it. It really should come as no shock now. Was Facebook wrong for not doing a better job of protecting privacy? Sure. Are people culpable if they're silly enough to put embarassing and/or potentially damaging information on the Internet? You bet. The fact is, the younger generations don't understand the whole "global neighborhood" concept and it taskes something like this to make them aware that something they think is local is most assuredly not.

This is a damn social networking site we are talking about, not a copyrighted work. People make changes to their profiles with the clear intention of making the new information available to friends. So to complain that that information is made available more easily is absolutely ludicrous.

The real problem with the news feed is that it assumes that the relationships on facebook are something more than status points. There are of course real genuine friends on facebook and there's no doubt that those people who are real friends wouldn't mind having their other real friends know what they've been up to. The problem is that so many people have 500 some odd friends (people you met at a party one night after downing six glasses of jack in 15 minutes, or some random guy from your class) and there's no way that these people have any sort of meaningful relationship with all those people. The Facebook creators I think incorrectly assumed that the users would like to know what's going on with all their "friends", which we don't - i'm a user -. They also incorrecctly assumed that the majority of facebook connections are genuine - they aren't - (I have almost 200 friends on facebook, and that's a small number to some. Only about five or six of them are people that truly matter to me, the rest I hardly see or talk to).

as has been pointed out numerous times before, there's a difference between publicly accessible and publicly announced

I really think many people don't really "get" the internet.

There are these things called search engines and spiders out there that scrape information from public places constantly. It matters not what Facebook does or does not have for functionality. They are not the only gatherer and publisher of information on their site.

If it's on the internet and publicly available, it's public. If you don't want something public, to everyone, forever, don't put it on the internet in a publicly available place. It really is that simple. Teens and other young adults frequently post wacky / private crap about themselves or their friends all the time. Do you REALLY want a future potential employer "Googling" you and finding all this stuff? How about a potential boyfriend / girlfriend / husband / wife? Hell, I can still find posts of mine from the late 80's via google - and google didn't even exist when I wrote them! I can also find via the internet archive copies of my web site from 7 years ago.

You can't put something out there, publicly, and then scream when someone you don't want reading it, reads it. That's sheer stupidity. Publishing a blog or having conversations on social networking sites such as myspace / facebook in open forums is no different than publishing it in the New York Times or broadcasting on CNN. You have publicly announced the information. You like to THINK that you have a tight little private group, but that's just an illusion.

"my roommates and close circle of friends (who actually care what party I'm going to this weekend) would like to have me on their news-feed. However, the people I have as "friends" that I've met a couple times and we are now Facebook buddies mainly so I can easily let them know when we are having a party don't care whose wall I wrote on."

I believe there is a perfect device for what you describe here, the telephone. Remember those from back in the day?? When you wanted certain friends to know something, but not everyone??

Not every little detail of your life needs to be "online, immediately accessible" by everyone you know. I have a Myspace page but use it for specific networking purposes and wouldn't ever put anything on my page I wouldn't scream in a roomful of strangers. No names, specific locations, place of work, address etc will ever be posted no matter what Myspace says about privacy. Ultimately, everyone is in charge of their own privacy when it comes to this sort of thing - no matter what "policies" are in place, someone will find ways around them. Don't rely on others to protect your privacy.

The only point I was making is that going out to news.google.com and searching for the latest news on topic X is not the same as setting up an automatic filter or feed to send the articles to you. Similarly, checking out the latest article from blog Y is not the same thing as subscribing to the RSS feed from blog Y.

Some people may prefer one to the other, but they are not the same thing The information you get, however, is. So this proves my point: that there's more to this question than just what information is available.

This is so manifestly obvious that it's frustrating to believe there are people too stupid to realize this, and thick enough to actually argue that it's not the case.

If only we could make stupidity more painful...[thanks to whomever I ripped the sig from]

Exactly. And not only is it the global neighborhood concept, but there is the permanent record. Throw something online now, from a blog entry to a website to this Slashdot comment, and in 20 years it'll probably still be archived somewhere. Every Usenet post I've ever made is saved on Google groups. I'm in who knows how many IRC logs. Archive.org hosts a copy of my first website ever, but thankfully the embarassing background MIDIs no longer work. And anyone can easily rustle it all up if they want to.

It's very hard if not impossible to "erase" something from the net. There's always the chance somebody saved it. Once you post it, it's there for friends, relatives, enemies, strangers, police, stalkers, prospective employers, and whoever else to possibly get hold of one day.

So if you get divorced because she left you and cheated on you, thats a public record, and you obviously would not mind one bit if on the day of the filing that was on the front page of the NY Times? Or how about you got in a fight with your wife and I could hear it from outside so I recorded and played it back over the PA system at your office the next day?

Or how about how much you paid for your house? You have no problem with me sending a letter to all of your friends, neighbors, coworkers, etc telling them exactly how much you paid for it? That is most likely listed on the deed to your house which is a public record.

I disagree. There is a societal expectation that your private life not be broadcast even though it is "public." This expectation will probably change as tools like this become available. If you break up with someone, you may not care if people know, but just because your coworkers are linked to you on a social networking site doesn't mean you want that information immediately and easily available.

I perfectly understand how tools like this are deemed unacceptable and thats OK. It is how our society functions. If I have the time and effort, I can dig up dirt on anyone, but it will take more time and effort than I really care for. You can make a claim that this all goes out the window because its on the internet, but these sites are trying to mimic online what goes on in the real world, and enable real world friendships. However, making "stalking" like this so easy just deters people from making social connections. Just because I met a girl I kind of like at a bar last weekend and I made her my friend on Myspace does not mean that I want some girl I am seeing to get an immediate update of that fact. You are saying that this is obviously exactly what I want, and that is just not true.

This information is not available to "anyone on the planet". LJ users make posts friends-only, and most information on facebook is invisible to people who aren't your "friends". The information is being selectively dispersed, but people don't like how easily it can be spotted by those they've chosen to be able to view it.

It's too bad most young people have such a hard time figuring this out, or accepting these facts.

While facebook proclaims "closed" networks, being "closed" doesn't help when your info gets copied and pasted, and sent around to others outside your "closed network". The reality is that it's not as private as people would like to believe. In fact, it's not private at all.

Why do people keep making this argument? It's completely irrelevant to the actual problem being voiced. This is not an issue of people posting information to facebook and expecting privacy, it's an issue of bad UI design where people are given every small action performed by their friends on the front page. Even worse, people tend to friend everybody they've ever talked to and wind up getting spoon fed more information than they care to know about those people.

You're also wrong on a few counts, have you ever used facebook? The privacy controls severely limit the number of people able to view your profile. Google's crawlers won't be able to index this information unless the folks working for facebook open it up to them. The privacy controls are of course only as trustworthy as the people working for facebook, and also if you're friending everybody under the sun you have removed the ability of the privacy controls to help anyway.

In a way it's silly yes, but the fact that so many people felt so strongly does indicate that the way people treat and perceive networks is a more subtle thing than anybody thought. There is, in fact, a difference between broadcast and accessible in a few situations, and Facebook is one of them. It's the difference between telling everybody something and telling only those who ask. It's not amazing people prefer the latter, though how Facebook could have predicted this is anybodies guess.... social software is just hard.

But don't put things up for the world to see then get shocked that they really did see them. We know you are not all comp.scientists and stuff, but for Gates' sake this is slashdot!
I agree- however, none of that matters. All that matters is what your users think/perceive. Even if you are 100% right, if your users don't agree, even if your users are 100% wrong, then you will be out of business quick...
If the facebook users dont like the changes, and facebook wants to stay in business, they had better undo the changes...
Sort of like, you can have the right of way as a pedestrian in a crosswalk, but when the car runs you over you are still dead. I mean, you were right, but your still run over...

All I've been reading on/. is such memes as "if you don't want it public, don't put it up there", and yes that is completely true, and for many people that is the case. However I think the largest complaint is not about privacy, but just framed in those words.

Consider being at a restaraunt with a friend. You are at a public place, and so you really have no expectation of privacy. Now, do you expect everyone there to know about your conversation? Its not an issue of privacy because you aren't in a private place, but at the same time there is an expectation of exclusivity. If I'm talking with a friend in a public place, yes, people can eavesdrop, but I don't expect it.

The problem with the newsfeed wasn't that it was a violation of privacy, but rather that it globalized eavesdropping (per analogy). If someone wrote on the wall, that is something between them, much like the conversation in the restaraunt.

For many (most?) FB users this isn't about what information is strictly available. It about the social consturcts that govener when and where it is appropriate to use that information. Example: Your breakup causes you to change your "relationship status" from "in a relationship" to "single." Now, presumably your real friends know this without looking it up on facebook. People who are acquaintances (but "friends" on facebook) might not be aware until they look at your profile. If they look at your profile every day (and specifically look at your relationship status), they might notice immediately. However, if they mention the breakup, its considered stalker-ish.

So basically, its not what information is made available, its how that information used. If you make it known that you're aware they changed relationship status earlier that day, then you're giving away information about yourself, specifically how often you check their FB profile. This is really the complaint about the news feeds. It can't really be considered stalker behavior if the information is presented to you.